Your system is not supported by certbot-auto anymore

I always run it with --no-self-upgrade but I have to upgrade from time to time if I want it to keep working. We are not talking about some box that will be gone in 3 years. Another client still seems to be the better choice.

Actually that step was only required for the first install.

1 Like

As the certbot-auto script is deprecated anyway, yes, that might be better indeed. But for the short run, you can run the previous version if you really need to.

1 Like

You could go totally overboard and completely write your own client like I did. Granted that support and maintenance come from the man in the mirror. :grin:

3 Likes

I guess it's the gold standard, if by that you mean the gold standard for how Let's Encrypt should not be used.

5 Likes

If you're paranoid about security though, it really is the ultimate DIY approach. Fully-downloadable, all-inclusive JS with no key sharing (account or certificate). Tin foil hat optional. :wink:

2 Likes

It seems like most active projects are trending toward docker or snap distribution at this point. Hopefully that'll make snap less painful to use over time, but I really don't see sticking with native distribution as a long-term viable alternative, even acme.sh. Sure would be nice to have a better deprecation message telling you what the successor is, of course.

2 Likes

I beg to differ. I'm running Gentoo and don't use binary packages. Snapd doesn't even run on non-systemd systems. I see docker as a system for people who are new to Linux and need an easy method.

1 Like

Personally I am fond of agnostic approaches like PHP and JS with minimal/no extension that leave handling the underlying details to the platform. They let me focus on developing and maintaining my client rather than worrying about porting issues.

2 Likes

You mean stuff like Composer/Packagist? :weary:

1 Like

Fair point. To avoid such dependencies I try to only use the base functionality (i.e. standard libraries almost always included with the base install). I'm not too worried about PHP deprecating openssl or curl.

4 Likes

You mean this install of PHP? Base/basic enough? :smiley:

[ebuild R ] dev-lang/php-7.4.9:7.4::gentoo USE="apache2 -acl -argon2 -bcmath -berkdb -bzip2 -calendar -cdb -cgi -cjk -cli (-coverage) -ctype -curl -debug -embed -enchant -exif -ffi -fileinfo -filter (-firebird) -flatfile -fpm -ftp -gd -gdbm -gmp -iconv -imap -inifile -intl -iodbc -ipv6 -json -kerberos -ldap -ldap-sasl -libedit -libressl -lmdb -mhash -mssql -mysql -mysqli -nls -oci8-instant-client -odbc -opcache -pcntl -pdo -phar -phpdbg -posix -postgres -qdbm -readline (-selinux) -session -session-mm -sharedmem -simplexml -snmp -soap -sockets -sodium -spell -sqlite -ssl -systemd -sysvipc -test -threads -tidy -tokenizer -tokyocabinet -truetype -unicode -webp -xml -xmlreader -xmlrpc -xmlwriter -xpm -xslt -zip -zlib" 0 KiB

To be fair, this aren't actually my USE-settings for my PHP :wink:

3 Likes

What did you end up doing? I also rolled my own distro.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.